QR code attacks, or Quishing, are the latest trick hitting our inboxes.
As email security tools have evolved and users have gotten savvier about common scams, cybercriminals have had to up their game. Enter QR code attacks, their newest form of phishing that can easily be missed by traditional email defenses. Alongside other email threats like brand and VIP impersonation, spear-phishing, and business email compromise (BEC), quishing has quickly become a top concern for security and IT teams.
We are excited to announce the release of our latest security feature: Protection from QR code-based threats. This new feature detects and flags malicious QR codes embedded in emails. The URLs embedded in the QR codes are extracted and scanned by Sophos for malicious or suspicious content. This addition to our email security suite provides robust protection against QR Code-based threats, ensuring your inboxes remain safe and secure.
This feature is enabled for all accounts by default. You do not need to make any changes to your policy configuration. The detection and the action configured for URL protection will be applied to emails with malicious QR codes, too. Note that the “Time of Click” configuration will not apply to the URLs embedded in QR codes.
Stay safe and stay secure!
